class ApplicationController < ActionController::Base

  helper :all # include all helpers, all the time

  # See ActionController::RequestForgeryProtection for details
  # Uncomment the :secret if you're not using the cookie session store
  protect_from_forgery :secret => '8fc080370e56e929a2d5afca5540a0f7'
  
  # See ActionController::Base for details 
  # Uncomment this to filter the contents of submitted sensitive data parameters
  # from your application log (in this case, all fields with names like "password"). 
  # filter_parameter_logging :password

  # Metodo para validar el user de tipo admin
  protected
  
  def is_admin?
   unless User.find_by_id(session[:user_id]) and User.find_by_id(session[:user_id]).role == "admin"
    redirect_to(:controller => "home", :action => "index")
  end
  end

  # Metodo para validar user, tipo user  
  def is_user?
   unless User.find_by_id(session[:user_id])
      flash[:notice] = "Por favor inicie sesion."
      redirect_to :controller => 'admin', :action => 'login'
    end
  end
 end


